Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
- GitHub: https://github.com/topics/security
- Wikipedia: https://en.wikipedia.org/wiki/Computer_security
- Aliases: security-tools, security-vulnerability, security-audit,
- Last updated: 2026-01-22 00:24:28 UTC
- JSON Representation
https://github.com/lengjibo/NetUser
使用windows api添加用户,可用于net无法使用时.分为nim版,c++版本,RDI版,BOF版。
Last synced: 11 Jul 2025
https://github.com/ukncsc/device-security-guidance-configuration-packs
This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. These configurations are aimed primarily at government and other medium/large organisations.
android apple chromeos devices google ios macos mdm microsoft security ubuntu windows
Last synced: 15 May 2025
https://github.com/flipkart-incubator/watchdog
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
application-security bugbounty cve-databases cve-search network-security penetration-testing-framework pentest-tool product-security security security-testing security-tools security-vulnerability vulnerability-assessment vulnerability-management
Last synced: 06 Apr 2025
https://github.com/intel/cc-oci-runtime
OCI (Open Containers Initiative) compatible runtime for Intel® Architecture
container containers docker kvm oci security virtual-machine virtualization
Last synced: 20 Apr 2025
https://github.com/pagerduty/security-training
Public version of PagerDuty's employee security training courses.
documentation pagerduty security team-security training
Last synced: 27 Oct 2025
https://github.com/PagerDuty/security-training
Public version of PagerDuty's employee security training courses.
documentation pagerduty security team-security training
Last synced: 02 Apr 2025
https://github.com/keylime/keylime
A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT
attestation cloud edge ima iot opensource security tpm virtualization
Last synced: 10 Apr 2025
https://github.com/lavabit/libdime
The DIME resolver library and command line utilities.
dark-mail email encryption messaging security
Last synced: 15 Jun 2025
https://github.com/ukncsc/Device-Security-Guidance-Configuration-Packs
This repository contains policy packs which can be used by system management software to configure device platforms (such as Windows 10 and iOS) in accordance with NCSC device security guidance. These configurations are aimed primarily at government and other medium/large organisations.
android apple chromeos devices google ios macos mdm microsoft security ubuntu windows
Last synced: 30 Apr 2025
https://github.com/Netflix-Skunkworks/policyuniverse
Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.
Last synced: 20 Mar 2025
https://github.com/ossf/fuzz-introspector
Fuzz Introspector -- introspect, extend and optimise fuzzers
fuzz-testing fuzzing security security-research testing vulnerability-analysis
Last synced: 15 May 2025
https://github.com/michenriksen/birdwatcher
Data analysis and OSINT framework for Twitter
framework osint ruby security twitter-api
Last synced: 04 Apr 2025
https://github.com/flipkart-incubator/rta
Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
nessus python security security-tools websecurity
Last synced: 05 Apr 2025
https://github.com/WeaselGames/godot_luaAPI
Godot LuaAPI
game game-development gamedev gdscript godot godot-engine godot-module lua modding sandbox security
Last synced: 01 Apr 2025
https://github.com/teamplanes/graphql-rate-limit
Add Rate Limiting To Your GraphQL Resolvers 💂♀️
graphql javascript nodejs security typescript
Last synced: 19 Jan 2026
https://github.com/ikkisoft/serialkiller
Look-Ahead Java Deserialization Library
deserialization java security security-hardening
Last synced: 02 Sep 2025
https://github.com/mandconsultinggroup/porch-pirate
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
devsecops osint postman recon scanning secrets security
Last synced: 25 Oct 2025
https://github.com/OWASP/Python-Honeypot
OWASP Honeypot, Automated Deception Framework.
cybersecurity deception honeynet honeypot informationsecurity infosec owasp security
Last synced: 01 Apr 2025
https://github.com/MandConsultingGroup/porch-pirate
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
devsecops osint postman recon scanning secrets security
Last synced: 20 Apr 2025
https://github.com/panther-labs/panther-analysis
Built-in Panther detection rules and policies
cybersecurity python security siem
Last synced: 12 Aug 2025
https://github.com/pac4j/play-pac4j
Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
authentication authorization cas facebook java jwt ldap login logout mongodb oauth openid-connect play-framework saml scala security social-login sql twitter
Last synced: 11 Jan 2026
https://github.com/fkie-cad/fritap
Simplifying SSL/TLS traffic analysis for researchers by making SSL decryption effortless.
android android-https-capture binary-analysis frida hooking https linux network-analysis network-capture network-forensics security security-audit ssl ssldump tcpdump tls
Last synced: 09 Oct 2025
https://github.com/righettod/poc-graphql
Research on GraphQL from an AppSec point of view.
Last synced: 31 Mar 2025
https://github.com/tna0y/python-random-module-cracker
Predict python's random module generated values.
cracker pseudo-random-generator python random-generation security security-tools
Last synced: 15 May 2025
https://github.com/ivpn/desktop-app
Official IVPN Desktop app
ivpn openvpn privacy security vpn vpn-client wireguard
Last synced: 08 Apr 2025
https://github.com/arun11299/cpp-jwt
JSON Web Token library for C++
cpp11 cpp14 cpp17 jwt jwt-header security
Last synced: 18 Oct 2025
https://github.com/weaselgames/godot_luaapi
Godot LuaAPI
game game-development gamedev gdscript godot godot-engine godot-module lua modding sandbox security
Last synced: 10 Sep 2025
https://github.com/ikkisoft/SerialKiller
Look-Ahead Java Deserialization Library
deserialization java security security-hardening
Last synced: 11 Jul 2025
https://github.com/basti-app/basti
✨ Securely connect to RDS, Elasticache, and other AWS resources in VPCs with no idle cost
automation aws cdk cicd cli cost-optimization hacktoberfest networking nodejs rds security vpc
Last synced: 15 Jan 2026
https://github.com/quillhash/quillaudit_reports
QuillAudits Smart Contracts, deFi, NFT, tokens,Dao , Dex and DApps Audit Reports
audit-reports bep20 binance-smart-chain blockchain bockchain dapps erc20 erc721 nft penetration-testing polygon security security-audit security-vulnerabilities smartcontract-dapp solana solidity tron vulnerability
Last synced: 16 May 2025
https://github.com/0x0FB0/pulsar
Network footprint scanner platform. Discover domains and run your custom checks periodically.
collaboration cusomization dns integration osint paas recon scanner security
Last synced: 30 Mar 2025
https://github.com/crytic/blockchain-security-contacts
Directory of security contacts for blockchain companies
blockchain directory email ethereum security
Last synced: 15 May 2025
https://github.com/reconmap/reconmap
Vulnerability assessment and penetration testing automation and reporting platform for teams.
bounty-hunting bug-bounty collaboration-platform devsecops hacking hacktoberfest infosec penetration-testing pentesting security security-automation vulnerability vulnerability-management
Last synced: 05 Apr 2025
https://github.com/lennolium/swiftguard
Anti-forensic macOS tray application designed to safeguard your system by monitoring USB ports.
anti-forensics defensive-security macos opsec physical-security security tampering-detection
Last synced: 16 May 2025
https://github.com/RisingStack/protect
Proactively protect your Node.js web services
express nodejs security sql-injection xss
Last synced: 03 Apr 2025
https://github.com/risingstack/protect
Proactively protect your Node.js web services
express nodejs security sql-injection xss
Last synced: 04 Apr 2025
https://github.com/Lennolium/swiftGuard
Anti-forensic macOS tray application designed to safeguard your system by monitoring USB ports.
anti-forensics defensive-security macos opsec physical-security security tampering-detection
Last synced: 09 May 2025
https://github.com/henrinormak/heimdall
Heimdall is a wrapper around the Security framework for simple encryption/decryption operations.
aes encrypted-messages ios rsa security swift
Last synced: 05 Apr 2025
https://github.com/domain-protect/domain-protect
OWASP Domain Protect - prevent subdomain takeover
aws bugbounty cloudflare dns owasp security security-tools serverless terraform
Last synced: 16 May 2025
https://github.com/slowmist/eos-smart-contract-security-best-practices
A guide to EOS smart contract security best practices
blockchain eosio security smart-contracts
Last synced: 11 Apr 2025
https://github.com/henrinormak/Heimdall
Heimdall is a wrapper around the Security framework for simple encryption/decryption operations.
aes encrypted-messages ios rsa security swift
Last synced: 02 Aug 2025
https://github.com/samayo/bulletproof
Simple and secure image uploader in PHP
image image-upload image-uploader php php-image security upload
Last synced: 15 May 2025
https://github.com/ajinabraham/njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
appsec codereview codescanner devsecops expressjs jslint lint linter njsscan nodejs nodejsscan nodesecurity python sast security security-tools semantic static-analysis static-analyzer staticanalysis
Last synced: 14 May 2025
https://github.com/zricethezav/h1domains
HackerOne "in scope" domains
hackerone hackerone-api security security-automation security-tools security-vulnerability
Last synced: 08 Apr 2025
https://github.com/grapheneos/os-issue-tracker
Issue tracker for GrapheneOS Android Open Source Project hardening work. Standalone projects like Auditor, AttestationServer and hardened_malloc have their own dedicated trackers.
android grapheneos privacy security
Last synced: 16 May 2025
https://github.com/l4yton/RegHex
A collection of regexes for every possbile use
Last synced: 06 Apr 2025
https://github.com/quarkslab/kdigger
Kubernetes focused container assessment and context discovery tool for penetration testing
containers kubernetes pentest security tool
Last synced: 03 Apr 2025
https://github.com/zorggomat/fractalcryptgui
Free cross-platform deniable encryption cryptoarchiver
aes aes-256 aes-encryption cpp cross-platform cryptography deniable-crypto deniable-encryption minizip openssl openssl-library plausible-deniability qt qt5 qt5-gui quazip security steganography zlib
Last synced: 08 Oct 2025
https://github.com/vatsi2/btc-tax-optimization
Bitcoin whales slash taxes 47%, lock millions offline, and trade undetected. Royen: 2025’s elite crypto fortress. Become untouchable.
aml bitcoin bitcoin-analysis bitcoin-etf bitcoin-security bitcoin-wallet blockchain cryptocurrency dark-pool finance kyc market-analysis otc otc-trading privacy regulatory-compliance rust security tax-calculator wealth-management
Last synced: 31 Mar 2025
https://github.com/leonlatsch/Photok
Encrypted Photo Safe for Android
android android-app app encryption image kotlin photos safe security
Last synced: 15 Apr 2025
https://github.com/WeiyiGeek/SecOpsDev
项目介绍: 自己闲来无事所写以及工作中抽取的安全/运维/开发方面的代码小脚本 ,希望大家多多star支持。
development devops security tools
Last synced: 12 Jul 2025
https://github.com/OWASP/samm
SAMM stands for Software Assurance Maturity Model.
maturity-models owasp-samm security
Last synced: 01 Apr 2025
https://github.com/mondoohq/cnspec
An open source, cloud-native security to protect everything from build to runtime
cloud-native compliance declarative kubernetes opensource policy policy-as-code security security-as-code
Last synced: 20 Jan 2026
https://github.com/spectralops/keyscope
Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
developer-tools devops pentest rust security testing vault
Last synced: 15 May 2025
https://github.com/lukebaggett/dnscat2-powershell
A Powershell client for dnscat2, an encrypted DNS command and control tool.
penetration-testing powershell security
Last synced: 02 Apr 2025
https://github.com/SpectralOps/keyscope
Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
developer-tools devops pentest rust security testing vault
Last synced: 01 Apr 2025
https://github.com/sneakerhax/TTPs
Red Team Tactics, Techniques, and Procedures
bash linux pentesting powershell python python3 redteam security windows
Last synced: 11 Apr 2025
https://github.com/0xbug/biu
网络资产攻击面梳理
attack-surface-management biu biu-asm easm security
Last synced: 01 Nov 2025
https://github.com/yoxisem544/screenshotpreventing-ios
Prevent screenshot or screenrecording on iOS devices
cocoapods ios ios-lib screencapture screenrecord screenrecording screenshot security spm swift swiftpackage swiftpm swiftui uikit xcode
Last synced: 03 Oct 2025
https://github.com/xeol-io/xeol
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
compliance end-of-life eol fedramp nist outdated-dep outdated-libraries outdated-packages pci-dss release-policy sbom security
Last synced: 14 May 2025
https://github.com/sirilius/watermarkktp
Watermark KTP is a free and secure web-based tool that allows you to add a watermark to your scanned KTP (Indonesian ID card).
idcard indonesia ktp security security-tools signature watermark watermark-image watermarking watermarkktp
Last synced: 15 Apr 2025
https://github.com/noqcks/xeol
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
compliance end-of-life eol fedramp nist outdated-dep outdated-libraries outdated-packages pci-dss release-policy sbom security
Last synced: 13 May 2025
https://github.com/Ostorlab/oxo
OXO is a security scanning orchestrator for the modern age.
scanner security security-scanner security-tools
Last synced: 03 Apr 2025
https://github.com/hahwul/authz0
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
auth authorization authz bugbounty golang golang-application security security-scanner security-tools
Last synced: 05 Apr 2025
https://github.com/paradigmxyz/paradigm-ctf-2022
Puzzles used in the 2022 Paradigm CTF
blockchain crypto ctf ethereum evm security solidity
Last synced: 15 Aug 2025
https://github.com/turbot/steampipe-mod-aws-compliance
Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
aws cis cis-benchmark compliance hacktoberfest hipaa nist-csf pci pci-dss powerpipe powerpipe-mod rbi security sql steampipe steampipe-mod
Last synced: 15 May 2025
https://github.com/kintesh/containerise
Firefox extension to automatically open websites in a container
firefox firefox-extension privacy security
Last synced: 02 Apr 2025
https://github.com/d4rckh/gorilla
tool for generating wordlists or extending an existing one using mutations.
cracking hash hashcat infosec johntheripper security
Last synced: 09 Oct 2025
https://github.com/teler-sh/teler-waf
teler-waf is a Go HTTP middleware that protects local web services from OWASP Top 10 threats, known vulnerabilities, malicious actors, botnets, unwanted crawlers, and brute force attacks.
go go-library go-package golang http ids middleware router security security-tools teler teler-ids teler-waf waf
Last synced: 15 Jan 2026
https://github.com/hahwul/mad-metasploit
Metasploit custom modules, plugins, resource script and.. awesome metasploit collection
bugbounty collections hacking mad-metasploit metasploit resources security
Last synced: 05 Apr 2025
https://github.com/tldrsec/prompt-injection-defenses
Every practical and proposed defense against prompt injection.
ai cybersecurity prompt-injection security
Last synced: 18 Jan 2026
https://github.com/brandonprry/gray_hat_csharp_code
This repository contains full code examples from the book Gray Hat C#
arachni automation blueteam c-sharp clamav cuckoo-sandbox dotnet fuzzer metasploit mono nessus nexpose openvas payload pentesting redteam security sql-injection sqlmap xamarin
Last synced: 18 Dec 2025
https://github.com/HardenedBSD/hardenedBSD
HardenedBSD implements strong exploit mitigations and security hardening technologies on top of FreeBSD, with a direct focus on the nexus between human rights and information security. HardenedBSD is the first (and only) enterprise operating system to have every part of its public infrastructure accessible by human-rights focused technologies like Tor Onion Services.
hardenedbsd hardening infosec operating-system security
Last synced: 13 May 2025
https://github.com/Koukyosyumei/AIJack
Security and Privacy Risk Simulator for Machine Learning (arXiv:2312.17667)
adversarial-attacks adversarial-examples adversarial-machine-learning dbms deep-learning differential-privacy evasion-attack federated-learning homomorphic-encryption k-anonymity machine-learning membership-inference model-inversion-attacks paillier paillier-cryptosystem poisoning-attacks privacy security
Last synced: 14 Jun 2025
https://github.com/wazuh/wazuh-ansible
Wazuh - Ansible playbook
ansible compliance elasticsearch file-integrity-management hacktoberfest hacktoberfest-accepted ids incident-response intrusion-detection log-analysis loganalyzer monitoring ossec pci-dss policy-monitoring security security-awareness security-hardening vulnerability-detection wazuh
Last synced: 16 Jan 2026
https://github.com/cloudflare/svg-hush
Make it safe to serve untrusted SVG files
sanitizer security svg xss-filter
Last synced: 16 May 2025
https://github.com/abumq/licensepp
Software licensing and registration using digital signatures and public cryptography 🪪
licensing security software-license software-licensing
Last synced: 05 Apr 2025
https://github.com/scheb/two-factor-bundle
[ABANDONED] Two-factor authentication for Symfony 2 & 3 applications 🔐. Please use the newer versions from https://github.com/scheb/2fa.
2fa authentication google-authenticator security symfony-bundle totp two-factor-authentication
Last synced: 03 Oct 2025
https://github.com/gitleaks/gitleaks-action
Protect your secrets using Gitleaks-Action
action actions github github-actions secret-scanner secret-scanning secrets security security-automation security-tools static-analysis
Last synced: 12 Jan 2026
https://github.com/gildasio/h2t
h2t (HTTP Hardening Tool) scans a website and suggests security headers to apply
defense hardening headers http security web-application-security
Last synced: 14 Mar 2025
https://github.com/mondoohq/cnquery
open source, cloud-native, graph-based asset inventory
aws azure cis cloud-computing cloud-native gcp kubernetes linux macos security security-as-code unix windows
Last synced: 22 Jan 2026
https://github.com/docker/scout-cli
Docker Scout CLI
docker security supply-chain-security
Last synced: 15 May 2025
https://github.com/mhmdiaa/second-order
Second-order subdomain takeover scanner
crawler crawling infosec mapping penetration-testing penetration-testing-tools pentesting recon reconnaissance security security-tools web-application-security wordlist wordlist-generator
Last synced: 05 Apr 2025
https://github.com/SPuerBRead/Bridge
无回显漏洞测试辅助平台,平台使用Java编写,提供DNSLOG,HTTPLOG等功能,辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。
dnslog httplog security security-tools
Last synced: 11 Jul 2025
https://github.com/dymmond/ravyn
Ravyn combines performance, type safety, and elegance. A next-generation async Python framework for APIs, microservices, and web applications.
api async asyncio framework json json-schema openapi openapi3 pydantic python python-types python3 redoc rest security starlette swagger swagger-ui uvicorn web
Last synced: 16 Jan 2026
https://github.com/turbot/powerpipe
Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.
aws azure cis cloud cnapp cspm dashboards devops devsecops duckdb gcp hacktoberfest hcl kubernetes mysql postgresql security sql sqlite terraform
Last synced: 16 May 2025
https://github.com/boyan-milanov/ropium
ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together
binary-exploitation chaining-gadgets exploit-development gadget rop-chain rop-exploits rop-gadgets security security-vulnerability semantic
Last synced: 05 Apr 2025
https://github.com/zorggomat/FractalCryptGUI
Free cross-platform deniable encryption cryptoarchiver
aes aes-256 aes-encryption cpp cross-platform cryptography deniable-crypto deniable-encryption minizip openssl openssl-library plausible-deniability qt qt5 qt5-gui quazip security steganography zlib
Last synced: 01 May 2025
https://github.com/security-cheatsheet/wireshark-cheatsheet
Wireshark Cheat Sheet
cheat-sheet cheat-sheets cheatsheet cyber-security cybersecurity gitbook github information-security infosec network-analysis network-testing penetration-test penetration-testing security wireshark wireshark-cheat-sheet wireshark-cheatsheet wireshark-documantion
Last synced: 20 Mar 2025
https://github.com/alipay/ant-application-security-testing-benchmark
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
application benchmark dast evaluation iast sast sca security testing
Last synced: 15 May 2025
https://github.com/crocs-muni/javacard-curated-list
Curated list of open-source Java Card applets and related applications for cryptographic smartcards
cryptography currated javacard security smartcard
Last synced: 16 Mar 2025
https://github.com/center-for-threat-informed-defense/security-stack-mappings
🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
aws azure cloud gcp mitre-attack security
Last synced: 31 Mar 2025
https://github.com/ivpn/android-app
Official IVPN Android app
android ivpn privacy security vpn vpn-client
Last synced: 16 May 2025